How to use OpenSSH as a secure Web proxy on Microsoft Windows using PuTTY — probably the single most popular SSH client available for Microsoft’s operating system platforms (and also available in the software management systems of many free UNIX/Linux systems).

You will need: PuTTY  and Firefox Browser

First we need to configure a PuTTY session to connect to the UNIX/Linux system you will use as your proxy server.

Fill in the following data:


  • Host Name (Or IP Address): This may be the domain name for your network, if you have domain name resolution via a dynamic DNS service or other means set up to allow access to your network via a domain name, or it may be the IP address for your router/firewall.
  • Port: SSH normally uses port 22, but this may be different, depending on how port forwarding may be set up on your trusted network.
  • Protocol: Select the SSH option.

In order to facilitate creating these encrypted proxy sessions quickly in the future, you may wish to give the session a name under the Saved Sessions heading and save it for future use. Do not click the Open button to connect yet, though.

Putty config

Second, configure an SSH encrypted tunnel through which your HTTP requests can be forwarded to the system you’re using as a proxy server. Open the Connection > SSH > Tunnels interface using the hierarchical Categories pane on the left-hand side of the PuTTY dialog box, and fill in this data:

  1. Source Port: Fill in a port number that will be used locally, on the laptop, for this connection. For instance, you might use port 8080 for forwarded HTTP requests.
  2. Destination: Leave the text field empty. Select the Dynamic and Auto options.

Click the Add button to commit these encrypted tunnel settings. When that happens, you will see a character string appear in the Forwarded Ports field, as shown in the following screenshot:

Putty Tunn

Third, after saving the session settings again to make sure the encrypted tunnel settings will be retrievable, click the Open button to establish the connection. You will have to provide a valid username and password on the remote system to establish the connection.

Fourth, configure Firefox to use your encrypted connection. Open the Options dialog box from the Tools menu, then select Advanced. Make sure the Network tab is selected, and click the Settings button. Fill in the following data:

  1. Configure proxies to access the Internet: Select Manual Proxy Configuration.
  2. SOCKS Host: Enter into the text field.
  3. Port: For the SOCKS Host, fill in the same port number you specified in the PuTTY tunneling dialog — 8080 in the above example.

Click the OK button to commit the changes, and exit the Options dialog box. When you are ready to click OK, the Connection Settings dialog box should look something like this:

Firefox Settings

Finally, you’re done.

All your Web browser’s traffic will pass through your secure proxy via an encrypted SSH tunnel.


Leave a Reply

Your email address will not be published. Required fields are marked *